When defining user roles, you can build menus with the different FPM applications. In there, you can assign what FPM configurations to be displayed. What this involves is copying the existing standard FPM configurations, modifying the copies and then assigning them to authorization roles.
As for implementing that per different BP roles, you can use the above technique. Then, for each "un-authorized" role, use CBA to hide those fields. However, this will only hide the fields and not the whole UIBB. See this document for how to work with CBA. The BP CBA schema is called BP_ADAPTS.
Personally, I have not been completely happy with CBA implementations. There is something clunky about them and some little thing is always missing. So, you might end up having to do something in the FPM application controller if you get a similar experience. See the FPM developer guide for information on how to use that.
It's been a while since I last did anything with FPM or CBA so things could have improved in 7.4 and my first two suggestions might be easy to do rather than enhance or build a new FPM application controller.